Every day I experience life in the world of healthcare IT, supporting 3000 doctors, 18000 faculty, and 3 million patients. In this blog I record my experiences with infrastructure, applications, policies, management, and governance as well as muse on such topics such as reducing our carbon footprint, standardizing data in healthcare, and living life to its fullest.

Friday, April 13, 2012

Cool Technology of the Week

I've written several posts about BIDMC's use of "private cloud" approaches to host electronic records and gather community-wide quality data. Healthcare organizations have avoided the use of "public cloud" because of HIPAA/HITECH privacy concerns, lack of breach indemnification/data integrity guarantees, and the unwillingness of many cloud providers to sign business associate agreements.

CDC is the first government agency to complete all the rigorous certification needed to host sensitive data in the public cloud.

CDC has also built gateways that make it easy for public health departments to submit data to the cloud - a Direct Project adapter, an NwHIN Exchange adapter, and others. Meaningful Use Stage 1 requires the testing of health information exchange with public health and Beth Israel Deaconess did its transactions with the Boston Public Health Commission (BPHC), which stored them in CDC's public cloud. BPHC was the first public health department in the nation to provide data feeds to the Amazon infrastructure.

Finally, CDC has enabled queries of the cloud data using multiple platforms including open source analytical tools such as R.

A secure, HIPAA-compliant public cloud that includes healthcare information exchange gateways and analytical tools. That's cool!

It was nice meeting you in Baltimore, MD and pleasure talking to you. Thanks for providing information on Amazon's AWS GovCloud and how it is being used. This is the first time i am reading your blog and it is very informative.

Be careful...there is a difference between FISMA Moderate and FISMA High. GovCloud is AWS in a different building with FISMA-Moderate security controls. Why not run hybrid to keep sensitive data in FISMA High protection instead of FISMA Moderate? There is only one cloud vendor that can give customers a hybrid cloud, and therefore, achieve FISMA Moderate and FISMA High: VMware

Be careful...FISMA Moderate and FISMA High are very different.GovCloud is AWS in a different building with FISMA-Moderate security controls.Why not run hybrid cloud to keep sensitive data in FISMA High protection instead of FISMA Moderate? There is only one cloud vendor that can provide hybrid cloud that gives cusotmers FISMA High: VMware